<?php
session_start();
include '../connect.php';
	if ( isset($_SESSION['auth']) )
		if ( isset($_GET['onlyname']) )
		{
			if ( isset($_GET['username']) )
			{
	
				$username = $_GET['username'];
				$sql = "SELECT * FROM $table_name 
				  WHERE user_name='$username'";
				$result = mysql_query($sql,$db);
				$infos = mysql_fetch_array($result);
	
	
			?>
	
			<form method="post" id="modifuser" action="modif_user.php" name="modifuser">
			<div class="c50l">
				<div class="subcl">
	
					<p><label for="pseudo">Pseudo: </label><input id="pseudo" type="text" name="pseudo" value="<?php echo $username; ?>" /></p>
					<p><label for="prenom">Prenom: </label><input id="first_name" type="text" name="prenom" size="20" value="<?php echo $infos['first_name'];?>" /></p>
					<p><label for="nom">Nom: </label><input id="last_name" type="text" name="nom" value="<?php echo $infos['last_name'];?>" /></p>
					<p><label for="rue">Rue: </label><input id="street" type="text" name="rue" value="<?php echo $infos['street'];?>" /></p>
					<p><input type="submit" name="validProfil" value="Envoyer" /></p>
	
				</div>
			</div>
	
			<div class="c50r">
	
				<div class="subcr">
	
					<p><label for="ville">Ville: </label><input id="city" type="text" name="ville" value="<?php echo $infos['city'];?>" /></p>
					<p><label for="cp">Code postal: </label><input id="zip" type="text" name="cp" value="<?php echo $infos['zip'];?>" /></p>	
					<p><label for="email">Email: </label><input id="mail" type="text" name="email" value="<?php echo $infos['email'];?>" /></p>
					<p><label for="phone">Tel:<br/> </label><input type="text" name="phone" value="<?php echo $infos['phone'];?>" /></p>
	
	
	
				</div>
			</div>
	
			</form>
			<?php
		}
		}
		elseif ( isset($_POST['validProfil']) )
		{
		$first_name = $_POST['prenom'];
		$last_name = $_POST['nom'];
		$street = $_POST['rue'];
		$city = $_POST['ville'];
		$zip = $_POST['cp'];
		$phone = $_POST['phone'];
	
		$sql2 = ("UPDATE ".mysql_real_escape_string($table_name)." 
		SET first_name='".mysql_real_escape_string($first_name)."', 
			last_name='".mysql_real_escape_string($last_name)."',
			street='".mysql_real_escape_string($street)."' ,
			city='".mysql_real_escape_string($city)."',
			zip='".mysql_real_escape_string($zip)."',
			phone='".mysql_real_escape_string($phone)."' 
		WHERE user_name='".mysql_real_escape_string($_POST['pseudo'])."'");
			mysql_query($sql2,$db) or die('impossible de modifier le profil'.mysql_error());
		header("Location:".$_GLOBALS['site_url']."index.php"); 
	
		}
	}
	
	

?>